1. Field of the Invention
The present invention relates to a control apparatus configured to perform communications with a data processing apparatus via a network.
2. Description of the Related Art
In general IP (Internet Protocol) network environments, routers (default gateways) play an important role in establishing connections between different network addresses. The routers can store a routing table to determine a transmission direction for an incoming IP packet and transfer the packet to an appropriate network.
For example, when a node “a” belonging to IP network A performs IP communications with a node “b” belonging to IP network B, no direct communications can be realized because of their different network addresses. Hence, the node “a” must set an address of node “b” as a destination IP address for a packet to be sent out and designate a router address as a destination MAC address. Meanwhile, a router receives the packet and transfers the packet to the network B with reference to the routing table. The packet transferred to the network B is then delivered to the node “b”. And, transmission of data is accomplished.
Furthermore, there is a conventional routing apparatus that can perform address conversion for the purpose of solving the exhaustion of addresses or related problems. In the present-day Internet environments, LANs (Local Area Network) are available, as a fundamental IP communication tool, even in small offices and homes. The nodes connected to each LAN have IP addresses that are generally called as private addresses. The private addresses are a group of IP addresses that can be freely used in a limited environment. In this respect, the private addresses are particular values different from those for the global address used on the Internet.
Routers can connect respective LANs to the Internet. Thus, there is a possibility that a private address may leak out of a LAN to the Internet when a node of the LAN is connected to a Web server on the Internet. When a LAN is connected to the Internet, from the viewpoint of security, the router does not usually permit routing incoming from the Internet to the LAN, although an opposite routing from a node of the LAN to the Internet is allowed. Therefore, the IP communications cannot be performed if a private address leaks out to the Internet.
NAT (Network Address Translation) is a technique that can solve such a problem. More specifically, due to the NAT technique, a router can change a source IP address of a packet to a global address of the router when a node of the LAN performs IP communications with a node on the Internet. With this processing, the router can eliminate any leakage of private addresses when packets are sent out of nodes of a LAN to the Internet. Furthermore, a communication destination node on the Internet can return a response packet to the source because the source IP address contained in the received packet is an Internet IP address of the router. When the router receives the response packet, the router transfers the response packet to the node of LAN (i.e. to the source).
Furthermore, as a NAT-based technique, there is NAPT (Network Address Port Translation) or IP masquerade. NAPT is a technique that enables a router to perform mapping of ports in addition to rewriting of a source IP address of a packet to a global address of the router when a node of the LAN performs IP communications with a node on the Internet. In general, ports are allocated to respective nodes of a LAN. By rewriting a source port of a packet sent out of a node, each node can be discriminated by a port number when LAN includes a plurality of nodes.
For example, an image processing system based on the NAT or NAPT technique is disclosed in Japanese Patent Application Laid-open No. 2005-026971. It is now supposed that there is a system including a data processing apparatus connected via a local network to an external controller that is connected to a public network. For example, the data processing apparatus has the capability of forming file data of a scanned image and transferring the file data to various servers on a public network according to FTP (File Transfer Protocol) or Email protocol. Furthermore, the external controller can function as a router executing the NAT processing. The external controller can also expand or enhance the functions of the data processing apparatus. For example, a security function for enciphering communications between the public network and the external controller can be included.
In this system, when the data processing apparatus communicates with a node on the public network, the external controller performs the NAT processing for a packet to be sent from the data processing apparatus and transfers the packet having a converted address to the node. In this respect, the external controller can perform the NAT processing for the data processing system. The data processing apparatus and the external controller can be regarded as one system, when seen from a node on the public network.
Furthermore, in a system using a data processing apparatus and an external controller based on the NAT or NAPT technique, the packet being sent out of the data processing apparatus can be rewritten without relying on the NAT or NAPT technique. For example, when a data processing apparatus notifies a node on the public network of a product name of its own device, the product name may be a product name of the data processing apparatus itself or a product name of a system including the data processing apparatus and an external controller.
In such a case, the external controller can rewrite a product name contained in a payload portion of an IP packet and can transfer the rewritten name to a node on the public network. For example, “C3220” is given as a product name for the data processing apparatus itself, and “C3220-C1” is given as a product name for the system including the data processing apparatus and the external controller.
The data processing apparatus sends a packet containing the name “C3220” in its payload portion. The external controller, when performing the NAT processing, rewrites its payload portion (i.e., substitutes “C3220-C1” for “C3220”). In this manner, not only converting the address or the port but also rewriting the payload portion enable management application software to regard both the data processing apparatus and the external controller as one system.
According to the above-described data processing apparatus and the external controller employing the payload rewriting technique in addition to the NAT or NAPT technique, network settings for their devices are generally done commonly and simultaneously. The external controller and the data processing apparatus can share various information with respect to servers connected to the public network, when they communicate with nodes on the public network. To this end, the external controller can perform settings for the shared information and sends the set values to the data processing apparatus.
However, according to the above-described technique, there is a time lag before setting contents become valid in the data processing apparatus after a user has accomplished the network settings on the external controller. Thus, even after the set values are sent out of the external controller, the data processing apparatus is continuously kept in the same operational conditions. In such a case, to forcibly validate the new settings, the data processing apparatus must reboot the system or its power source must be turned on again (hereinafter, simply referred to as “reboot”). However, a user may not interrupt an operation on the data processing apparatus, and accordingly reboot of the system may be postponed. Thus, the data processing apparatus continues its operation based on old set values.